Cloud VPNs

Type: array of object

All items must be unique

Each item of this array must be:

Type: object

Google Cloud Virtual Private Network (VPN) lets you connect your existing network to your GCP network via an IPsec connection. Alternatively, you can use it to connect two different Google Cloud VPN gateways.

If the conditions in the "If" tab are respected, then the conditions in the "Then" tab should be respected. Otherwise, the conditions in the "Else" tab should be respected.

Type: object

Type: const
Specific value: "HA"
Type: object
No Additional Properties

Type: const
Specific value: "HA"

Type: string

This field will be used to combine with [environment] and [prefix] to generate a unique VPC name

Must match regular expression: ^[a-z][a-z0-9-_]{0,62}$
Examples:

"pci"
"hr"
"finance"
"b2b"

Type: string

If specified this 'Environment' value will override the default value specified in the Terraform module

Must match regular expression: ^[a-z][a-z0-9-_]{0,62}$
Examples:

"dev"
"test"
"stage"
"prod"

Type: string

If specified this 'Prefix' value will override the default value specified in the Terraform module

Must match regular expression: ^[a-z][a-z0-9-_]{0,62}$
Examples:

"foo"
"bar"

Type: string

If specified this 'Project ID' value will override the default value specified in the Terraform module

Must match regular expression: ^[a-z][a-z0-9-]{4,28}[a-z0-9]$
Examples:

"phrasal-bank-387121"
"gold-setup-387121"

Type: string

The name of the vpc network to be connected with using Cloud VPN.

Must match regular expression: ^[a-z][a-z0-9-]{0,61}(?<!-)$
Example:

"prod-network"

Type: enum (of string) Default: "US-CENTRAL1"

Must be one of:

  • "ASIA-EAST1"
  • "ASIA-EAST2"
  • "ASIA-NORTHEAST1"
  • "ASIA-NORTHEAST2"
  • "ASIA-NORTHEAST3"
  • "ASIA-SOUTH1"
  • "ASIA-SOUTH2"
  • "ASIA-SOUTHEAST1"
  • "ASIA-SOUTHEAST2"
  • "AUSTRALIA-SOUTHEAST1"
  • "AUSTRALIA-SOUTHEAST2"
  • "EUROPE-CENTRAL2"
  • "EUROPE-NORTH1"
  • "EUROPE-WEST1"
  • "EUROPE-WEST2"
  • "EUROPE-WEST3"
  • "EUROPE-WEST4"
  • "EUROPE-WEST6"
  • "NORTHAMERICA-NORTHEAST1"
  • "NORTHAMERICA-NORTHEAST2"
  • "SOUTHAMERICA-EAST1"
  • "US-CENTRAL1"
  • "US-EAST1"
  • "US-EAST4"
  • "US-WEST1"
  • "US-WEST2"
  • "US-WEST3"
  • "US-WEST4"

Example:

"US-CENTRAL1"

Type: object

If the conditions in the "If" tab are respected, then the conditions in the "Then" tab should be respected. Otherwise, the conditions in the "Else" tab should be respected.

Type: object

Type: const
Specific value: true
Type: object

If the Hub Router is manged outside of this Terraform Module

Type: string

This field is used to specify an explicit name to be used

Must match regular expression: ^[a-z][a-z0-9-]{0,61}(?<!-)$

Type: string

Unique ID used to differentiate this resource from other 'like or similar' duplicate resources when the name is not explicitly specified

Must match regular expression: ^[a-z][a-z0-9-_]{0,62}$

Type: object

Type: number

Value must be greater or equal to 1 and lesser or equal to 9999999999

Type: const

Select this option to remove subnet_advertisements from JSON

Specific value: ""

Type: array of string

Must contain a maximum of 0 items

All items must be unique

Each item of this array must be:

Type: string
Must match regular expression: ^(?!.*)

Must be at most 0 characters long

Type: object

If the Hub Router is manged within this Terraform Module

Type: string

This field is used to specify an explicit name to be used

Must match regular expression: ^[a-z][a-z0-9-]{0,61}(?<!-)$

Type: string

Unique ID used to differentiate this resource from other 'like or similar' duplicate resources when the name is not explicitly specified

Must match regular expression: ^[a-z][a-z0-9-_]{0,62}$

Type: object

If the conditions in the "If" tab are respected, then the conditions in the "Then" tab should be respected. Otherwise, the conditions in the "Else" tab should be respected.

Type: object

Do not include any User-specified IP ranges to advertise, this field is not required and only included for UI generation


BGP Autonomous System Number (ASN). Must be an RFC6996 private ASN, either 16-bit or 32-bit. The value will be fixed for this router resource. All VPN tunnels that link to this router will have the same ASN.

Type: number

Value must be greater or equal to 64512 and lesser or equal to 65534

Type: number

Value must be greater or equal to 4200000000 and lesser or equal to 4294967294

Type: boolean

If true, this resource should be considered managed external to this module and should not be created and/or updated.

Type: object

If the conditions in the "If" tab are respected, then the conditions in the "Then" tab should be respected. Otherwise, the conditions in the "Else" tab should be respected.

Type: object

Type: const
Specific value: true
Type: object

If the Hub VPN Gateway is manged outside of this Terraform Module

Type: string

This field is used to specify an explicit name to be used

Must match regular expression: ^[a-z][a-z0-9-]{0,61}(?<!-)$

Type: string

Unique ID used to differentiate this resource from other 'like or similar' duplicate resources when the name is not explicitly specified

Must match regular expression: ^[a-z][a-z0-9-_]{0,62}$

Type: const

This field should not be set and is only included for UI generation

Specific value: ""
Type: object

If the Hub VPN Gateway is manged within this Terraform Module

Type: string

This field is used to specify an explicit name to be used

Must match regular expression: ^[a-z][a-z0-9-]{0,61}(?<!-)$

Type: string

Unique ID used to differentiate this resource from other 'like or similar' duplicate resources when the name is not explicitly specified

Must match regular expression: ^[a-z][a-z0-9-_]{0,62}$

Type: boolean

If true, this resource should be considered managed external to this module and should not be created and/or updated.

Type: array of object

All items must be unique

Each item of this array must be:


Type: object

Used to connect ha cloud vpn to peer vpn gateways running within google cloud that are managed by this terraform module.

If the conditions in the "If" tab are respected, then the conditions in the "Then" tab should be respected. Otherwise, the conditions in the "Else" tab should be respected.

Type: object

Type: object

If the conditions in the "If" tab are respected, then the conditions in the "Then" tab should be respected. Otherwise, the conditions in the "Else" tab should be respected.

Type: object

If the Spoke VPN Gateway is manged outside of this Terraform Module

Type: string

This field is used to specify an explicit name to be used

Must match regular expression: ^[a-z][a-z0-9-]{0,61}(?<!-)$

Type: string

Unique ID used to differentiate this resource from other 'like or similar' duplicate resources when the name is not explicitly specified

Must match regular expression: ^[a-z][a-z0-9-_]{0,62}$

Type: string

If specified this 'Project ID' value will override the default value specified in the Terraform module

Must match regular expression: ^[a-z][a-z0-9-]{4,28}[a-z0-9]$
Examples:

"phrasal-bank-387121"
"gold-setup-387121"

Type: string

The name of the vpc network to be connected with using Cloud VPN.

Must match regular expression: ^[a-z][a-z0-9-]{0,61}(?<!-)$
Example:

"prod-network"

Default: 2

Number of tunnels that should be deployed

Value must be greater or equal to 0 and lesser or equal to 2

Type: object

If the Spoke VPN Gateway is manged within this Terraform Module

Type: string

This field is used to specify an explicit name to be used

Must match regular expression: ^[a-z][a-z0-9-]{0,61}(?<!-)$

Type: string

Unique ID used to differentiate this resource from other 'like or similar' duplicate resources when the name is not explicitly specified

Must match regular expression: ^[a-z][a-z0-9-_]{0,62}$

Type: string

If specified this 'Project ID' value will override the default value specified in the Terraform module

Must match regular expression: ^[a-z][a-z0-9-]{4,28}[a-z0-9]$
Examples:

"phrasal-bank-387121"
"gold-setup-387121"

Type: string

The name of the vpc network to be connected with using Cloud VPN.

Must match regular expression: ^[a-z][a-z0-9-]{0,61}(?<!-)$
Example:

"prod-network"

Default: 2

Number of tunnels that should be deployed

Value must be greater or equal to 0 and lesser or equal to 2

Type: boolean

If true, this resource should be considered managed external to this module and should not be created and/or updated.

Type: object

If the conditions in the "If" tab are respected, then the conditions in the "Then" tab should be respected. Otherwise, the conditions in the "Else" tab should be respected.

Type: object

If the Spoke Router is manged outside of this Terraform Module

Type: string

This field is used to specify an explicit name to be used

Must match regular expression: ^[a-z][a-z0-9-]{0,61}(?<!-)$

Type: string

Unique ID used to differentiate this resource from other 'like or similar' duplicate resources when the name is not explicitly specified

Must match regular expression: ^[a-z][a-z0-9-_]{0,62}$


Type: object

If the conditions in the "If" tab are respected, then the conditions in the "Then" tab should be respected. Otherwise, the conditions in the "Else" tab should be respected.

Type: object

If the conditions in the "If" tab are respected, then the conditions in the "Then" tab should be respected. Otherwise, the conditions in the "Else" tab should be respected.

Type: object
Type: object

If the conditions in the "If" tab are respected, then the conditions in the "Then" tab should be respected. Otherwise, the conditions in the "Else" tab should be respected.

Type: object

Type: number

Value must be greater or equal to 1 and lesser or equal to 9999999999

Type: array of object

Any values specified here will be applied to tunnels that are created. If more tunnels are created than addresses specified here they will be randomly assigned

Each item of this array must be:


Type: object

When dynamic pre-shared secret is selected and [static,terraform_variable,secret_manager] pre-shared should be empty

If the conditions in the "If" tab are respected, then the conditions in the "Then" tab should be respected. Otherwise, the conditions in the "Else" tab should be respected.


Type: object

Type: string

This field should be set to empty remove static_pre_shared_secret from JSON

Must match regular expression: ^(?!.*)

Must be at most 0 characters long

Type: string

This field should be set to empty remove terraform_variable_pre_shared_secret from JSON

Must match regular expression: ^(?!.*)

Must be at most 0 characters long

Type: string

This field should be set to empty remove secret_manager_pre_shared_secret from JSON

Must match regular expression: ^(?!.*)

Must be at most 0 characters long

Type: object

When static pre-shared secret is selected and [terraform_variable,secret_manager] pre-shared are empty

If the conditions in the "If" tab are respected, then the conditions in the "Then" tab should be respected. Otherwise, the conditions in the "Else" tab should be respected.

Type: object

When static pre-shared secret is selected and [terraform_variable,secret_manager] pre-shared are not empty

If the conditions in the "If" tab are respected, then the conditions in the "Then" tab should be respected. Otherwise, the conditions in the "Else" tab should be respected.


Type: object

Type: string

This field should be set to empty remove terraform_variable_pre_shared_secret from JSON

Must match regular expression: ^(?!.*)

Must be at most 0 characters long

Type: string

This field should be set to empty remove secret_manager_pre_shared_secret from JSON

Must match regular expression: ^(?!.*)

Must be at most 0 characters long

Type: object

When terraform_variable pre-shared secret is selected and [static,secret_manager] pre-shared are empty

If the conditions in the "If" tab are respected, then the conditions in the "Then" tab should be respected. Otherwise, the conditions in the "Else" tab should be respected.

Type: object

When terraform_variable pre-shared secret is selected and [static,secret_manager] pre-shared are not empty

If the conditions in the "If" tab are respected, then the conditions in the "Then" tab should be respected. Otherwise, the conditions in the "Else" tab should be respected.


Type: object

Type: object

When secret_manager pre-shared secret is selected and [static,terraform_variable] pre-shared are empty

If the conditions in the "If" tab are respected, then the conditions in the "Then" tab should be respected. Otherwise, the conditions in the "Else" tab should be respected.

Type: object

When secret_manager pre-shared secret is selected and [static,terraform_variable] pre-shared are not empty

If the conditions in the "If" tab are respected, then the conditions in the "Then" tab should be respected. Otherwise, the conditions in the "Else" tab should be respected.


Type: object

Type: number

The priority of routes advertised to this BGP peer. Where there is more than one matching route of maximum length, the routes with the lowest priority value win.

Value must be greater or equal to 0 and lesser or equal to 65535

Type: string

IPv4 address of the BGP interface, if not specified this IPv4 address will automatically assigned

Must match regular expression: ^169.254((\.([0-9]|[1-9][0-9]{0,1}|1[0-9]{1,2}|2[0-4][0-9]|25[0-4])){2})$

Type: string

IPv4 address of the BGP interface, if the hub_ipv4_address is not specified this IPv4 address will automatically assigned

Must match regular expression: ^169.254((\.([0-9]|[1-9][0-9]{0,1}|1[0-9]{1,2}|2[0-4][0-9]|25[0-4])){2})$

Type: boolean

If IPv6 is enabled, the peer connection can be established with IPv6 route exchange. IPv6 addresses are dynamically generated

Default: "DYNAMIC"

Type: const

When dynamic pre-shared secret is selected, the terraform module will 'randomly' generate a pre-shared key to use

Specific value: "DYNAMIC"
Type: const

When static pre-shared secret is selected, the terraform module will use the string included in this field as the secret for phase 1 encryption>All arguments including the following potentially sensitive values will be stored in the raw state as plain text: shared_secret

Specific value: "STATIC"
Type: const

When terraform variable pre-shared secret is selected, the terraform module will use the terraform variable name included in this field as the path to the secret for phase 1 encryption

Specific value: "TERRAFORM_VARIABLE"
Type: const

When secret manager is selected, the terraform module will use the string referenced in Secret Manager for phase 1 encryption

Specific value: "SECRET_MANAGER"

Examples:

{
    "hub_ipv4_address": "169.254.0.1",
    "spoke_ipv4_address": "169.254.0.2"
}
{
    "disabled": true,
    "hub_ipv4_address": "169.254.0.5",
    "spoke_ipv4_address": "169.254.0.6"
}
{
    "disabled": true,
    "hub_ipv4_address": "169.254.0.5",
    "spoke_ipv4_address": "169.254.0.6",
    "ipv6_enabled": true
}
Type: object

If the Spoke Router is manged within this Terraform Module

Type: string

This field is used to specify an explicit name to be used

Must match regular expression: ^[a-z][a-z0-9-]{0,61}(?<!-)$

Type: string

Unique ID used to differentiate this resource from other 'like or similar' duplicate resources when the name is not explicitly specified

Must match regular expression: ^[a-z][a-z0-9-_]{0,62}$


Type: object

If the conditions in the "If" tab are respected, then the conditions in the "Then" tab should be respected. Otherwise, the conditions in the "Else" tab should be respected.

Type: object

If the conditions in the "If" tab are respected, then the conditions in the "Then" tab should be respected. Otherwise, the conditions in the "Else" tab should be respected.

Type: object
Type: object

If the conditions in the "If" tab are respected, then the conditions in the "Then" tab should be respected. Otherwise, the conditions in the "Else" tab should be respected.

Type: object


BGP Autonomous System Number (ASN). Must be an RFC6996 private ASN, either 16-bit or 32-bit. The value will be fixed for this router resource. All VPN tunnels that link to this router will have the same ASN.

Type: array of object

Any values specified here will be applied to tunnels that are created. If more tunnels are created than addresses specified here they will be randomly assigned

Each item of this array must be:


Type: object

When dynamic pre-shared secret is selected and [static,terraform_variable,secret_manager] pre-shared should be empty

If the conditions in the "If" tab are respected, then the conditions in the "Then" tab should be respected. Otherwise, the conditions in the "Else" tab should be respected.


Type: object

Type: string

This field should be set to empty remove static_pre_shared_secret from JSON

Must match regular expression: ^(?!.*)

Must be at most 0 characters long

Type: string

This field should be set to empty remove terraform_variable_pre_shared_secret from JSON

Must match regular expression: ^(?!.*)

Must be at most 0 characters long

Type: string

This field should be set to empty remove secret_manager_pre_shared_secret from JSON

Must match regular expression: ^(?!.*)

Must be at most 0 characters long

Type: object

When static pre-shared secret is selected and [terraform_variable,secret_manager] pre-shared are empty

If the conditions in the "If" tab are respected, then the conditions in the "Then" tab should be respected. Otherwise, the conditions in the "Else" tab should be respected.

Type: object

When static pre-shared secret is selected and [terraform_variable,secret_manager] pre-shared are not empty

If the conditions in the "If" tab are respected, then the conditions in the "Then" tab should be respected. Otherwise, the conditions in the "Else" tab should be respected.


Type: object

Type: string

This field should be set to empty remove terraform_variable_pre_shared_secret from JSON

Must match regular expression: ^(?!.*)

Must be at most 0 characters long

Type: string

This field should be set to empty remove secret_manager_pre_shared_secret from JSON

Must match regular expression: ^(?!.*)

Must be at most 0 characters long

Type: object

When terraform_variable pre-shared secret is selected and [static,secret_manager] pre-shared are empty

If the conditions in the "If" tab are respected, then the conditions in the "Then" tab should be respected. Otherwise, the conditions in the "Else" tab should be respected.

Type: object

When terraform_variable pre-shared secret is selected and [static,secret_manager] pre-shared are not empty

If the conditions in the "If" tab are respected, then the conditions in the "Then" tab should be respected. Otherwise, the conditions in the "Else" tab should be respected.


Type: object

Type: object

When secret_manager pre-shared secret is selected and [static,terraform_variable] pre-shared are empty

If the conditions in the "If" tab are respected, then the conditions in the "Then" tab should be respected. Otherwise, the conditions in the "Else" tab should be respected.

Type: object

When secret_manager pre-shared secret is selected and [static,terraform_variable] pre-shared are not empty

If the conditions in the "If" tab are respected, then the conditions in the "Then" tab should be respected. Otherwise, the conditions in the "Else" tab should be respected.


Type: object

Type: number

The priority of routes advertised to this BGP peer. Where there is more than one matching route of maximum length, the routes with the lowest priority value win.

Value must be greater or equal to 0 and lesser or equal to 65535

Type: string

IPv4 address of the BGP interface, if not specified this IPv4 address will automatically assigned

Must match regular expression: ^169.254((\.([0-9]|[1-9][0-9]{0,1}|1[0-9]{1,2}|2[0-4][0-9]|25[0-4])){2})$

Type: string

IPv4 address of the BGP interface, if the hub_ipv4_address is not specified this IPv4 address will automatically assigned

Must match regular expression: ^169.254((\.([0-9]|[1-9][0-9]{0,1}|1[0-9]{1,2}|2[0-4][0-9]|25[0-4])){2})$

Type: boolean

If IPv6 is enabled, the peer connection can be established with IPv6 route exchange. IPv6 addresses are dynamically generated

Default: "DYNAMIC"

Type: const

When dynamic pre-shared secret is selected, the terraform module will 'randomly' generate a pre-shared key to use

Specific value: "DYNAMIC"
Type: const

When static pre-shared secret is selected, the terraform module will use the string included in this field as the secret for phase 1 encryption>All arguments including the following potentially sensitive values will be stored in the raw state as plain text: shared_secret

Specific value: "STATIC"
Type: const

When terraform variable pre-shared secret is selected, the terraform module will use the terraform variable name included in this field as the path to the secret for phase 1 encryption

Specific value: "TERRAFORM_VARIABLE"
Type: const

When secret manager is selected, the terraform module will use the string referenced in Secret Manager for phase 1 encryption

Specific value: "SECRET_MANAGER"

Examples:

{
    "hub_ipv4_address": "169.254.0.1",
    "spoke_ipv4_address": "169.254.0.2"
}
{
    "disabled": true,
    "hub_ipv4_address": "169.254.0.5",
    "spoke_ipv4_address": "169.254.0.6"
}
{
    "disabled": true,
    "hub_ipv4_address": "169.254.0.5",
    "spoke_ipv4_address": "169.254.0.6",
    "ipv6_enabled": true
}

Type: boolean

If true, this resource should be considered managed external to this module and should not be created and/or updated.

Type: object

Used to connect ha cloud vpn to peer vpn gateways running within google cloud that are not managed by this terraform module.

If the conditions in the "If" tab are respected, then the conditions in the "Then" tab should be respected. Otherwise, the conditions in the "Else" tab should be respected.

Type: object

Type: object

Type: string

This field is used to specify an explicit name to be used

Must match regular expression: ^[a-z][a-z0-9-]{0,61}(?<!-)$

Type: string

If specified this 'Project ID' value will override the default value specified in the Terraform module

Must match regular expression: ^[a-z][a-z0-9-]{4,28}[a-z0-9]$
Examples:

"phrasal-bank-387121"
"gold-setup-387121"

Default: 2

Number of tunnels that should be deployed

Type: const

Useful for troubleshooting VPN Gateways without the need for tunnel creation

Specific value: 0
Type: const

A single tunnel won't provide high availability. You can add more tunnels later when needed.

Specific value: 1

Value must be greater or equal to 0 and lesser or equal to 2

Type: object

Type: object

If the conditions in the "If" tab are respected, then the conditions in the "Then" tab should be respected. Otherwise, the conditions in the "Else" tab should be respected.

Type: object

If the conditions in the "If" tab are respected, then the conditions in the "Then" tab should be respected. Otherwise, the conditions in the "Else" tab should be respected.

Type: object

Type: const

Select this option to remove subnet_advertisements from JSON

Specific value: ""

Type: number

Value must be greater or equal to 1 and lesser or equal to 9999999999

Type: array of object

Any values specified here will be applied to tunnels that are created. If more tunnels are created than addresses specified here they will be randomly assigned

Each item of this array must be:


Type: object

When dynamic pre-shared secret is selected and [static,terraform_variable,secret_manager] pre-shared should be empty

If the conditions in the "If" tab are respected, then the conditions in the "Then" tab should be respected. Otherwise, the conditions in the "Else" tab should be respected.


Type: object

Type: string

This field should be set to empty remove static_pre_shared_secret from JSON

Must match regular expression: ^(?!.*)

Must be at most 0 characters long

Type: string

This field should be set to empty remove terraform_variable_pre_shared_secret from JSON

Must match regular expression: ^(?!.*)

Must be at most 0 characters long

Type: string

This field should be set to empty remove secret_manager_pre_shared_secret from JSON

Must match regular expression: ^(?!.*)

Must be at most 0 characters long

Type: object

When static pre-shared secret is selected and [terraform_variable,secret_manager] pre-shared are empty

If the conditions in the "If" tab are respected, then the conditions in the "Then" tab should be respected. Otherwise, the conditions in the "Else" tab should be respected.

Type: object

When static pre-shared secret is selected and [terraform_variable,secret_manager] pre-shared are not empty

If the conditions in the "If" tab are respected, then the conditions in the "Then" tab should be respected. Otherwise, the conditions in the "Else" tab should be respected.


Type: object

Type: string

This field should be set to empty remove terraform_variable_pre_shared_secret from JSON

Must match regular expression: ^(?!.*)

Must be at most 0 characters long

Type: string

This field should be set to empty remove secret_manager_pre_shared_secret from JSON

Must match regular expression: ^(?!.*)

Must be at most 0 characters long

Type: object

When terraform_variable pre-shared secret is selected and [static,secret_manager] pre-shared are empty

If the conditions in the "If" tab are respected, then the conditions in the "Then" tab should be respected. Otherwise, the conditions in the "Else" tab should be respected.

Type: object

When terraform_variable pre-shared secret is selected and [static,secret_manager] pre-shared are not empty

If the conditions in the "If" tab are respected, then the conditions in the "Then" tab should be respected. Otherwise, the conditions in the "Else" tab should be respected.


Type: object

Type: string

This field should be set to empty remove static_pre_shared_secret from JSON

Must match regular expression: ^(?!.*)

Must be at most 0 characters long

Type: string

This field should be set to empty remove secret_manager_pre_shared_secret from JSON

Must match regular expression: ^(?!.*)

Must be at most 0 characters long

Type: object

When secret_manager pre-shared secret is selected and [static,terraform_variable] pre-shared are empty

If the conditions in the "If" tab are respected, then the conditions in the "Then" tab should be respected. Otherwise, the conditions in the "Else" tab should be respected.

Type: object

When secret_manager pre-shared secret is selected and [static,terraform_variable] pre-shared are not empty

If the conditions in the "If" tab are respected, then the conditions in the "Then" tab should be respected. Otherwise, the conditions in the "Else" tab should be respected.


Type: object

Type: string

This field should be set to empty remove static_pre_shared_secret from JSON

Must match regular expression: ^(?!.*)

Must be at most 0 characters long

Type: string

This field should be set to empty remove terraform_variable_pre_shared_secret from JSON

Must match regular expression: ^(?!.*)

Must be at most 0 characters long

Type: number

The priority of routes advertised to this BGP peer. Where there is more than one matching route of maximum length, the routes with the lowest priority value win.

Value must be greater or equal to 0 and lesser or equal to 65535

Type: boolean

If disabled, any active session with the peer is terminated and all associated routing information is removed.

Type: string

IPv4 address of the BGP interface, if not specified this IPv4 address will automatically assigned

Must match regular expression: ^169.254((\.([0-9]|[1-9][0-9]{0,1}|1[0-9]{1,2}|2[0-4][0-9]|25[0-4])){2})$

Type: string

IPv4 address of the BGP interface, if the hub_ipv4_address is not specified this IPv4 address will automatically assigned

Must match regular expression: ^169.254((\.([0-9]|[1-9][0-9]{0,1}|1[0-9]{1,2}|2[0-4][0-9]|25[0-4])){2})$

Type: boolean

If IPv6 is enabled, the peer connection can be established with IPv6 route exchange. IPv6 addresses are dynamically generated

Default: "DYNAMIC"

Type: const

When dynamic pre-shared secret is selected, the terraform module will 'randomly' generate a pre-shared key to use

Specific value: "DYNAMIC"
Type: const

When static pre-shared secret is selected, the terraform module will use the string included in this field as the secret for phase 1 encryption>All arguments including the following potentially sensitive values will be stored in the raw state as plain text: shared_secret

Specific value: "STATIC"
Type: const

When terraform variable pre-shared secret is selected, the terraform module will use the terraform variable name included in this field as the path to the secret for phase 1 encryption

Specific value: "TERRAFORM_VARIABLE"
Type: const

When secret manager is selected, the terraform module will use the string referenced in Secret Manager for phase 1 encryption

Specific value: "SECRET_MANAGER"

Examples:

{
    "hub_ipv4_address": "169.254.0.1",
    "spoke_ipv4_address": "169.254.0.2"
}
{
    "disabled": true,
    "hub_ipv4_address": "169.254.0.5",
    "spoke_ipv4_address": "169.254.0.6"
}
{
    "disabled": true,
    "hub_ipv4_address": "169.254.0.5",
    "spoke_ipv4_address": "169.254.0.6",
    "ipv6_enabled": true
}
Type: object

Used to connect ha cloud vpn to peer vpn gateways that can be either an on-premises or hosted by another cloud provider.

If the conditions in the "If" tab are respected, then the conditions in the "Then" tab should be respected. Otherwise, the conditions in the "Else" tab should be respected.

Type: object

Type: object

If the conditions in the "If" tab are respected, then the conditions in the "Then" tab should be respected. Otherwise, the conditions in the "Else" tab should be respected.

Type: object

Type: string

This field is used to specify an explicit name to be used

Must match regular expression: ^[a-z][a-z0-9-]{0,61}(?<!-)$

Type: string

Unique ID used to differentiate this resource from other 'like or similar' duplicate resources when the name is not explicitly specified

Must match regular expression: ^[a-z][a-z0-9-_]{0,62}$

Type: const

This field should not be set and is only included for UI generation

Specific value: ""

Default: 2

Number of tunnels that should be deployed


Type: object

If the conditions in the "If" tab are respected, then the conditions in the "Then" tab should be respected. Otherwise, the conditions in the "Else" tab should be respected.

Type: object

If the conditions in the "If" tab are respected, then the conditions in the "Then" tab should be respected. Otherwise, the conditions in the "Else" tab should be respected.

Type: object

If the conditions in the "If" tab are respected, then the conditions in the "Then" tab should be respected. Otherwise, the conditions in the "Else" tab should be respected.

Type: string

This field is used to specify an explicit name to be used

Must match regular expression: ^[a-z][a-z0-9-]{0,61}(?<!-)$

Type: string

Unique ID used to differentiate this resource from other 'like or similar' duplicate resources when the name is not explicitly specified

Must match regular expression: ^[a-z][a-z0-9-_]{0,62}$

Default: 2

Number of tunnels that should be deployed

Type: array of string

IP address of the interface in the external VPN gateway. Only IPv4 is supported. This IP address can be either from your on-premise gateway or another Cloud provider's VPN gateway, it cannot be an IP address from Google Compute Engine.

All items must be unique

Each item of this array must be:

Type: string
Must match regular expression: ^(?:([0-9]|[1-9][0-9]{0,1}|1[0-9]{1,2}|2[0-4][0-9]|25[0-5])(\.([0-9]|[1-9][0-9]{0,1}|1[0-9]{1,2}|2[0-4][0-9]|25[0-5])){3})$

Examples:

[
    "1.2.3.4",
    "1.2.3.5"
]
[
    "1.2.3.4",
    "1.2.3.5"
]

Type: boolean

If true, this resource should be considered managed external to this module and should not be created and/or updated.

Type: object

Type: object

If the conditions in the "If" tab are respected, then the conditions in the "Then" tab should be respected. Otherwise, the conditions in the "Else" tab should be respected.

Type: object

If the conditions in the "If" tab are respected, then the conditions in the "Then" tab should be respected. Otherwise, the conditions in the "Else" tab should be respected.

Type: object

Type: const

Select this option to remove subnet_advertisements from JSON

Specific value: ""

Type: array of string

Must contain a maximum of 0 items

All items must be unique

Each item of this array must be:

Type: number

Value must be greater or equal to 1 and lesser or equal to 9999999999

Type: array of object

Any values specified here will be applied to tunnels that are created. If more tunnels are created than addresses specified here they will be randomly assigned

Each item of this array must be:


Type: object

When dynamic pre-shared secret is selected and [static,terraform_variable,secret_manager] pre-shared should be empty

If the conditions in the "If" tab are respected, then the conditions in the "Then" tab should be respected. Otherwise, the conditions in the "Else" tab should be respected.


Type: object

Type: string

This field should be set to empty remove static_pre_shared_secret from JSON

Must match regular expression: ^(?!.*)

Must be at most 0 characters long

Type: string

This field should be set to empty remove terraform_variable_pre_shared_secret from JSON

Must match regular expression: ^(?!.*)

Must be at most 0 characters long

Type: string

This field should be set to empty remove secret_manager_pre_shared_secret from JSON

Must match regular expression: ^(?!.*)

Must be at most 0 characters long

Type: object

When static pre-shared secret is selected and [terraform_variable,secret_manager] pre-shared are empty

If the conditions in the "If" tab are respected, then the conditions in the "Then" tab should be respected. Otherwise, the conditions in the "Else" tab should be respected.

Type: object

When static pre-shared secret is selected and [terraform_variable,secret_manager] pre-shared are not empty

If the conditions in the "If" tab are respected, then the conditions in the "Then" tab should be respected. Otherwise, the conditions in the "Else" tab should be respected.


Type: object

Type: string

This field should be set to empty remove terraform_variable_pre_shared_secret from JSON

Must match regular expression: ^(?!.*)

Must be at most 0 characters long

Type: string

This field should be set to empty remove secret_manager_pre_shared_secret from JSON

Must match regular expression: ^(?!.*)

Must be at most 0 characters long

Type: object

When terraform_variable pre-shared secret is selected and [static,secret_manager] pre-shared are empty

If the conditions in the "If" tab are respected, then the conditions in the "Then" tab should be respected. Otherwise, the conditions in the "Else" tab should be respected.

Type: object

When terraform_variable pre-shared secret is selected and [static,secret_manager] pre-shared are not empty

If the conditions in the "If" tab are respected, then the conditions in the "Then" tab should be respected. Otherwise, the conditions in the "Else" tab should be respected.


Type: object

Type: string

This field should be set to empty remove static_pre_shared_secret from JSON

Must match regular expression: ^(?!.*)

Must be at most 0 characters long

Type: string

This field should be set to empty remove secret_manager_pre_shared_secret from JSON

Must match regular expression: ^(?!.*)

Must be at most 0 characters long

Type: object

When secret_manager pre-shared secret is selected and [static,terraform_variable] pre-shared are empty

If the conditions in the "If" tab are respected, then the conditions in the "Then" tab should be respected. Otherwise, the conditions in the "Else" tab should be respected.

Type: object

When secret_manager pre-shared secret is selected and [static,terraform_variable] pre-shared are not empty

If the conditions in the "If" tab are respected, then the conditions in the "Then" tab should be respected. Otherwise, the conditions in the "Else" tab should be respected.


Type: object

Type: string

This field should be set to empty remove static_pre_shared_secret from JSON

Must match regular expression: ^(?!.*)

Must be at most 0 characters long

Type: string

This field should be set to empty remove terraform_variable_pre_shared_secret from JSON

Must match regular expression: ^(?!.*)

Must be at most 0 characters long

Type: number

The priority of routes advertised to this BGP peer. Where there is more than one matching route of maximum length, the routes with the lowest priority value win.

Value must be greater or equal to 0 and lesser or equal to 65535

Type: boolean

If disabled, any active session with the peer is terminated and all associated routing information is removed.

Type: string

IPv4 address of the BGP interface, if not specified this IPv4 address will automatically assigned

Must match regular expression: ^169.254((\.([0-9]|[1-9][0-9]{0,1}|1[0-9]{1,2}|2[0-4][0-9]|25[0-4])){2})$

Type: string

IPv4 address of the BGP interface, if the hub_ipv4_address is not specified this IPv4 address will automatically assigned

Must match regular expression: ^169.254((\.([0-9]|[1-9][0-9]{0,1}|1[0-9]{1,2}|2[0-4][0-9]|25[0-4])){2})$

Type: boolean

If IPv6 is enabled, the peer connection can be established with IPv6 route exchange. IPv6 addresses are dynamically generated

Default: "DYNAMIC"

Type: const

When dynamic pre-shared secret is selected, the terraform module will 'randomly' generate a pre-shared key to use

Specific value: "DYNAMIC"
Type: const

When static pre-shared secret is selected, the terraform module will use the string included in this field as the secret for phase 1 encryption>All arguments including the following potentially sensitive values will be stored in the raw state as plain text: shared_secret

Specific value: "STATIC"
Type: const

When terraform variable pre-shared secret is selected, the terraform module will use the terraform variable name included in this field as the path to the secret for phase 1 encryption

Specific value: "TERRAFORM_VARIABLE"
Type: const

When secret manager is selected, the terraform module will use the string referenced in Secret Manager for phase 1 encryption

Specific value: "SECRET_MANAGER"

Examples:

{
    "hub_ipv4_address": "169.254.0.1",
    "spoke_ipv4_address": "169.254.0.2"
}
{
    "disabled": true,
    "hub_ipv4_address": "169.254.0.5",
    "spoke_ipv4_address": "169.254.0.6"
}
{
    "disabled": true,
    "hub_ipv4_address": "169.254.0.5",
    "spoke_ipv4_address": "169.254.0.6",
    "ipv6_enabled": true
}

Default: "HA"

Type: const
Specific value: "HA"
Type: const
Specific value: "CLASSIC"